Problem
PR #1174 added .husky to the SENSITIVE_PATHS list in src/github/operations/restore-config.ts. This causes the .husky directory to be restored/reset during the action, which breaks repositories that commit their .husky files but rely on npx husky being run to install the hooks.
After this change, pre-commit hooks no longer run because the hook setup is wiped and would need to be reinstalled via npx husky.
This is a regression from the previous behavior where .husky was not treated as a sensitive path.
Context
See the discussion on #1174: #1174 (comment)
Expected Behavior
Repositories that commit .husky directory contents should continue to have their git hooks work as expected after the action runs.
Suggested Fix
Either:
- Remove
.husky from SENSITIVE_PATHS, or
- Only restore specific files within
.husky that are security-sensitive (e.g., prevent the action from adding new hooks), rather than blanket-restoring the entire directory
- ask the model tu run
npx husky or similar to re install correctly the hooks
Problem
PR #1174 added
.huskyto theSENSITIVE_PATHSlist insrc/github/operations/restore-config.ts. This causes the.huskydirectory to be restored/reset during the action, which breaks repositories that commit their.huskyfiles but rely onnpx huskybeing run to install the hooks.After this change, pre-commit hooks no longer run because the hook setup is wiped and would need to be reinstalled via
npx husky.This is a regression from the previous behavior where
.huskywas not treated as a sensitive path.Context
See the discussion on #1174: #1174 (comment)
Expected Behavior
Repositories that commit
.huskydirectory contents should continue to have their git hooks work as expected after the action runs.Suggested Fix
Either:
.huskyfromSENSITIVE_PATHS, or.huskythat are security-sensitive (e.g., prevent the action from adding new hooks), rather than blanket-restoring the entire directorynpx huskyor similar to re install correctly the hooks